Email-based impersonation scams are a significant cyber threat for businesses online. According to Scamwatch, a website run by the Australian Competition and Consumer Commission, Australians lost over $4.7 million to impersonation attacks in 2017.
In a typical scheme, criminals send phishing emails posing as key executives in the company and ask the recipient to pay an invoice, transfer money, or send sensitive data. An unwitting employee, believing the request comes from their manager or the business owner, complies, and the result is theft or a data breach.
Email is an old technology, created when brand protection and online security weren’t significant concerns, and its core protocols do nothing on their own to verify who actually sent a message. As such, it is vulnerable to attacks. Fortunately, there are simple, often free, measures for protecting a business from these types of cyberattacks. Here are some things to know about email-based scams.
Impersonation Attacks Involve Email Spoofing
Email spoofing involves forging an email so that it appears to have been sent by someone else. Spoofing mimics the name of one of the company’s top-ranking officers and sometimes even their email address. Typically, attackers use this method to trick people into sending sensitive data or paying fake invoices. A spoofed email could also carry a link or an attachment containing malicious content designed to steal user credentials.
How Spoofing an Email Works
To know how to combat cyber attacks, you first need to know how they work. Two common impersonation methods are email address spoofing and display name spoofing. In the first method, both the sender’s address and display name appear to belong to the company. In the second, only the display name is spoofed. For example:
- Email Address Spoofing: Suppose Jane Doe works in your company. If an attacker spoofs Jane using the first method, the From line shows her name with an address on the company’s own domain, like this: Jane Doe <firstname.lastname@example.org>.
- Display Name Spoofing: In the second method, the attacker only spoofs Jane’s name, not her email address; the address belongs to an account the attacker controls. It will look like this: Jane Doe <email@example.com>.
The first method is more convincing and can dupe even high-level officers, especially if they aren’t vigilant about email security. The second method is easier to carry out and requires no sophisticated technology. If the attacker knows the name of an important person in your company, they can use it to sign up for a free email service such as Outlook, Gmail, or Yahoo Mail and start emailing people from that account.
Fortunately, your IT department can help prevent either kind of scam. There are several ways they can prevent address or display name spoofing.
How to Prevent Email Address Spoofing
You or your IT personnel can change your email service settings to block deceptive emails before they reach your staff. You can also tell other email services what legitimate mail from your domain looks like by publishing DNS records: a Sender Policy Framework (SPF) record listing the servers allowed to send mail for your domain, a DomainKeys Identified Mail (DKIM) record holding the public key that receivers use to verify message signatures, and a Domain-based Message Authentication, Reporting, and Conformance (DMARC) record telling receivers what to do with mail that fails those checks and where to send reports. Together, these records enable you to protect your organisation’s domain from address spoofing.
How to Prevent Display Name Spoofing
Although it involves less specialised tech than email address spoofing, don’t discount this second method. Because the attackers send from a “valid” email address they registered themselves, their messages get through anti-spam filters. What’s more, SPF, DKIM, and DMARC won’t flag these as phishing emails: those checks verify that a message genuinely came from the domain in its address, and it did, since the address is a “real” one the attackers registered.
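The following is an added example, not code from the original article, that shows how a receiving mail server evaluates the DMARC policy described above and why it catches address spoofing but not display name spoofing. The DNS records are constructed: example.org stands in for the company’s domain and example.com for the free email provider the attacker registered with; SPF and DKIM results are assumed to have been computed already.

```python
# Added example: simplified DMARC evaluation as a receiver performs it.
# DNS lookups are replaced by an inline table of constructed records.
DNS_TXT = {
    # Company domain: reject failures, strict DKIM alignment, relaxed SPF.
    "_dmarc.example.org": "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.org",
    # Free email provider (constructed policy).
    "_dmarc.example.com": "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com",
}

def parse_dmarc(record: str) -> dict:
    """Turn 'v=DMARC1; p=reject; ...' into a dict of tag -> value."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def org_domain(domain: str) -> str:
    """Crude organisational domain: last two labels (no public-suffix list)."""
    return ".".join(domain.lower().split(".")[-2:])

def aligned(from_domain: str, auth_domain, mode: str) -> bool:
    """Strict mode needs an exact match; relaxed accepts the same org domain."""
    if auth_domain is None:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def evaluate_dmarc(from_domain, spf_pass_domain, dkim_pass_domain):
    """Return (result, disposition) for one message.

    from_domain      -- domain of the visible From: address
    spf_pass_domain  -- envelope MAIL FROM domain if SPF passed, else None
    dkim_pass_domain -- d= domain of a valid DKIM signature, else None
    """
    record = DNS_TXT.get(f"_dmarc.{from_domain}")
    if record is None:
        return ("none", "no policy")   # domain publishes no DMARC policy
    tags = parse_dmarc(record)
    spf_ok = aligned(from_domain, spf_pass_domain, tags.get("aspf", "r"))
    dkim_ok = aligned(from_domain, dkim_pass_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return ("pass", "deliver")     # an aligned SPF or DKIM pass suffices
    return ("fail", tags.get("p", "none"))
```

A forged firstname.lastname@example.org message with no aligned pass gets the company’s reject policy, while Jane Doe <email@example.com> sent from the attacker’s own provider account passes, because example.com really did send it.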
For the second method, your employees are your most significant line of defence. They must know how to spot emails that aren’t from your company. That is easier said than done: when people are rushing to beat deadlines or are unfamiliar with the company’s organisational structure, they may reply to a spoofed email thinking it is legitimate.
Savvier attackers might even copy the sign-offs that people use in their email signatures, convincing anyone who only takes a cursory look at the message. Employees should know how to identify the visual cues of a forged display name, chief among them a familiar name paired with an address whose domain is not the company’s own.
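Employee vigilance can be backed by a simple rule at the mail gateway or in the SIEM. This added example, not code from the original article, flags messages whose display name matches a known executive while the address sits on an external domain; the company domain, executive directory and sample From: headers are constructed.

```python
# Added example: a display-name impersonation rule over From: header values.
from email.utils import parseaddr
import re

COMPANY_DOMAINS = {"example.org"}                     # assumed company domain
VIP_DIRECTORY = {"Jane Doe": "firstname.lastname@example.org"}  # constructed

def normalise_name(name: str) -> str:
    """Lower-case, drop punctuation and sort parts so 'Doe, Jane' == 'jane doe'."""
    parts = re.findall(r"[a-z]+", name.lower())
    return " ".join(sorted(parts))

VIP_NAMES = {normalise_name(n): n for n in VIP_DIRECTORY}

def check_from_header(from_header: str) -> dict:
    """Classify one From: header value and explain the verdict."""
    display, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    vip = VIP_NAMES.get(normalise_name(display))
    if vip is None:
        return {"verdict": "ok", "reason": "display name is not a known VIP"}
    if domain in COMPANY_DOMAINS:
        # Internal domain: SPF/DKIM/DMARC are the control for this case.
        return {"verdict": "ok", "reason": "VIP name on company domain"}
    return {"verdict": "suspicious", "vip": vip, "address": addr,
            "reason": "VIP display name on external domain"}

def scan_headers(headers):
    """Run the rule over many From: values; return only the suspicious ones."""
    return [h for h in headers if check_from_header(h)["verdict"] == "suspicious"]

# Constructed sample From: headers, as they would appear in an inbox.
SAMPLE_FROM_HEADERS = [
    "Jane Doe <firstname.lastname@example.org>",   # legitimate internal mail
    "Jane Doe <email@example.com>",                 # display name spoof
    '"Doe, Jane" <jane.doe.ceo@example.net>',       # reordered name, external
    "Sam Smith <sam@example.com>",                  # external, but not a VIP
]

if __name__ == "__main__":
    for hit in scan_headers(SAMPLE_FROM_HEADERS):
        print("SUSPICIOUS:", hit)
```

Routing hits to quarantine or adding an "external sender" banner gives the rushed employee the visual cue the text describes, without relying on memory alone.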
How Else Can You Prevent Email Phishing?
The third option for combating impersonation attacks, whether they spoof the email address or the display name, is anti-phishing services. These services use algorithms and machine learning to analyse inbound email for red flags such as poor sender reputation, invalid digital signatures, unusual wording or semantics, and more.
Email spoofing can deceive personnel into making payments, handing over credentials, or sending sensitive information to attackers. Besides setting up your domain’s DNS records and teaching employees about email security, using anti-phishing services adds a further layer of protection to your company’s infrastructure.
Keep your organisation safe when you partner with CelebProtect. We are a digital brand protection company that has been providing top-notch security and protection online since 2003. Contact us today to learn more!